Beta Blowout

Microsoft is gearing up for an action-packed season of product launches. Between
now and spring 2007, IT managers can expect to welcome major new versions of
Office, Exchange, Windows and Windows Server.

The action got off to an early start when Microsoft delivered a trifecta of beta 2 releases during the WinHEC conference in late May. Betas of Office 2007, Windows Vista and Longhorn Server give IT professionals a chance to assess the progress of these key products -- and plan for what looks to be a very busy future.

So what can we learn from this beta blowout? A lot. For instance, Office 2007
has the look and feel of a very polished product, while Windows Vista is still
suffering from growing pains. We worked with all three products and came away
with some strong impressions.

Microsoft is calling Office 2007 "the most important new version of Office in 10 years." Visually, the new Office is striking, with programs cast in cool blue
and gray hues. More impressively, the late May beta build seems quite stable. Documents and applications opened quickly on our 3.0GHz Pentium 4 test
system with 1GB of RAM. Outlook produced a crash during the initial setup of account settings, but otherwise failures were rare.

Look and Feel
Perhaps no feature has gained more attention and created more concern than the
new Ribbon user interface (UI), which replaces the familiar menu and icon toolbars
across the top of each application. It's a bold move toward contextual interfaces,
where visible tools and commands change based on what the user is doing.

Surprisingly, the new UI works. Click on a table in Word, for instance, and the icons and commands specific to tables appear. The Ribbon does a fine job of exposing hard-to-find functionality and should help novice and intermediate Office suite users get a great deal more out of the software.

The same may not be said for IT and help desk experts, who must scurry to support the new interfaces. Everything from employee training to troubleshooting scripts will need a complete overhaul. Advanced users may also resent the change -- and Microsoft will not provide a "legacy" interface. The software will recognize old Alt-key combinations. For instance, press Alt-T-W and Word 2007 dutifully delivers the Word Count dialog box -- even though the Tool menu item is a thing of the past.

Not every program has gotten the Ribbon treatment. Word, Excel, PowerPoint and Access have been updated. And while the main Outlook interface is unchanged, e-mail message windows actually sport Ribbon controls. Go figure.

All users should welcome the live preview feature, because it lets you see the effect of an action before taking it. Hover the mouse over the Heading 1 style Ribbon item in Word and any text that's selected will update to show how the formatting will look. Click the Ribbon control, and the style is applied. Don't click it, and the preview goes away when the mouse is moved off the control. This stuff is seriously cool and works for many formatting functions.

The X-Files Beta 2 also implements default XML file formats for Word, Excel and PowerPoint.
These files are not backward-compatible with earlier Office versions, so businesses
must plan ahead or risk incompatibilities. Also, most PCs lack the Calibri font
-- the new default that replaces Arial in Office 2007 -- yielding muddled text
rendering on non-Office PCs.

Intriguingly, the XML files Office saves are actually ZIP-compressed files. Rename a DOCX Word file with a .ZIP extension, and Explorer can open it to reveal a set of subfolders and XML files.

This is cool stuff. Licensing issues notwithstanding, Office 2007 could open a lot of green field for third parties to develop into. Imagine applications that examine the modular, XML-based files to enforce corporate-approved styles, colors and logo imagery, or scrub out potentially sensitive metadata.

Native PDF output -- a welcome addition -- was present in the Beta 2, but objections from Adobe could mean this functionality will require a user download in the final product. Microsoft does offer its own, XML-based document archiving file format, called XML Paper Specification (or XPS). No surprise, OpenDocument Format (ODF) file types are not supported.

A Positive Outlook For all the intensive face work, the program that benefited most is Outlook.
Microsoft did a good thing when it pulled together the mail, calendar and task
functions of the Outlook client. Now you can view tasks in the same window as
your schedule, and quickly flag e-mail messages as tasks, so they appear in your
task list and calendar. This eliminates a lot of clumsy switching among modules.

By default, Outlook presents a four-pane view across the screen -- Folders, Inbox, Message Preview and To Do, which combines a view of calendar and tasks. Alas, those without wide-format displays may need to collapse at least one of these elements for space.

Outlook also streamlines attachment handling so you can open a mail message, right click the attachment and click Preview. A view of the attached file appears in the Preview pane -- you stay right in Outlook.

Another big winner in the 2007 upgrade is Excel. The program now supports up
to one million rows and 16,000 columns per sheet (up from 65,536 rows by 256
columns). A sure-fire user favorite is the interactive conditional formatting,
which automatically applies nifty graphical elements based on data in the selected
cells. With a quick click or two, you can have Excel display a heat map that
color codes cells by relative value. Or select from among clever and tasteful
options that include in-cell bar graphs or even Consumer Reports-style scoring
pucks.

Yes, these neat cosmetic tricks are destined to be used and abused by enthusiastic
spreadsheet jockeys worldwide, but don't blame Microsoft for that. This is good
stuff that makes important information stand out.

If there is one problem with Office -- aside from the fact that there are enough
versions to set your head spinning -- it's screen real estate. Those running
Office on monitors smaller than 17 inches may be frustrated by the pixels gobbled
up by thick Ribbon bars, feature panes and beefed up context menus.

SharePoint
Server: Meet the New Boss

By Rick Taylor

Microsoft SharePoint always aimed to let organizations
share and leverage information, but Microsoft Office SharePoint
Server 2007 finally pays off on the collaborative vision.
The good news starts in the Administrative interface, where
managers can now view and implement tasks and procedures across
the server farm.

SharePoint architects will applaud the new Reparenting
feature, which lets you dynamically change the hierarchy of
SharePoint sites. No more backing up, deleting and redeploying
sites when moving to a new location. Reparenting should be
a boon for SharePoint 2003 administrators migrating to the
new version.

Speaking of migration, the new SharePoint lets you rename
servers without breaking the entire hierarchy. The new "STSAdm
renameserver" command lets admins change the server names
-- theConfigDB re-maps the affected URLs to the new target
name.

These features are just the beginning. SharePoint unveils
powerful social networking features, so people can find colleagues
by role, expertise, interests or contacts, for example. Call
it MySpace for the suit-and-tie set. There's also vastly enhanced
search functionality, which helps unearth both structured
data and unstructured information in documents, e-mail and
IM logs.

Rick Taylor, MCSE, MCT, is a consultant who has been deploying
SharePoint portals since 2001.

What has Microsoft delivered with Beta 2 of Windows Vista? In short, it's an inspired muddle.

On the one hand, Vista is a security-minded tour de force that finishes what Windows XP Service Pack 2 started way back in 2003. The security benefits alone merit an upgrade -- from the bi-directional software firewall and vastly more secure Internet Explorer browser, to the ambitious User Account Control (UAC) feature that closes a gaping hole in Windows' account privilege structure.

On the other hand, all the spit and shine of the Aero Glass interface can't hide the rough edges and broken promises that bedevil Vista. Missing are once-hyped features like the WinFS file system and the Extensible Firmware Interface (EFI) slated to replace the PC BIOS. And while Microsoft has worked to streamline the chatty Vista interface, the nag factor remains high. UAC prompts are frequent and disruptive, and simple file operations -- like moving program shortcuts -- can require as many as three or four clicks to punch through the confirmation prompts.

Rough and Ready? In terms of retail readiness, Vista lags behind Office 2007. The install
routine -- at least at this Beta 2 stage -- is both clumsy and over-long. Even
on a fast PC, the upgrade from XP took over two hours. And that doesn't count
aggravations like having to quit the setup to uninstall offending software (such
as AVG Anti-Virus). It would help if compatibility checks occurred before users
input the 25-character product code.

All that said the upgrade works. Three hours after popping in the Vista Beta
2 disc, I was running my existing applications, including such non-standard
fare as Portable OpenOffice, Firefox and the Video LAN Client (VLC) media player.
The installed copy of Office 2003, however, got confused and started hassling
me for a .CAB file at every turn -- even opening Explorer folders invoked the
Office installer. I had to dig up my old Office discs to fix the annoyance.

[Click on image for larger view.]

Figure 2. No more digging
through fly-out menus for programs. The Start Menu search does it for you.

Visually, Vista is a feast. The Aero interface, for those able to run it, dishes
up a translucent parade of subtle icons, see-through program windows and gently
curved dialog boxes. The Vista Sidebar adds to the splendor, with sleek-looking
Gadgets that do things like display time, resource usage and RSS feeds. You'll
want a larger monitor -- at least 17 inches -- to take full advantage of the
interface.

Seasoned Windows users will have to relearn some old tricks. For instance, the Shared Documents folder now resides under a master folder called Public. Likewise, tried-and-true interface tricks -- like, right-click Desktop, click Properties -- no longer leads you to the familiar tabbed Display Properties dialog box.

Those complications are countered by effective organization. The Control Panel icon nestled at the top-left corner of the desktop, for instance, offers one-click entry to configuration tools. The Control Panel interface is also well managed, broken into topical sections that help avoid icon overload.

One of the most welcome improvements is search. The Start Menu boasts a handy search text box that lets you quickly find files, e-mail messages and even programs. Start typing in text and the Start Menu list displays the filtered results in real time (see Figure 1).

Lock DownIs all the eye candy and subtle refinement worth weathering the stress
of a system upgrade? For business and even many home users probably not. But the
security enhancements in Vista run so deep that the OS deserves a long, hard look.

No single feature is as important in this regard as User Account Control (UAC), the technology that should finally let users operate effectively with limited rights. Today, the vast majority of Windows XP users run with administrative privileges, in part because many applications require heightened access. The result: systems are wide open to attack by malware.

UAC end runs this limitation with a technology called file and registry virtualization.
Application writes bound for secure areas of the system are redirected to a
virtual store under the user profile. As far as the application knows, it enjoys
carte blanch to the system.

The drawback? Every time an application seeks heightened privileges, users
are confronted with the UAC control. The rest of the system is frozen out; meaning
users must drop everything to address the query. Still, it beats getting owned
by the latest worm du jour.

Another important security technology could help limit embarrassing data spills. BitLocker Drive Encryption, included in the Enterprise version of Vista, encrypts the entire drive to ensure that a lost or stolen PC doesn't invite disaster. Without the password or hardware key to unlock the data, the drive is unreadable.

Choices, Choices All told, Microsoft will sell six flavors of Vista, including a stripped-down
Starter version that is aimed at markets in developing nations. The two Home versions
-- Home Basic and Home Premium -- forego multiprocessor support, but will recognize
both cores in dual-core CPUs. Home Basic lacks the full Aero interface, as well
as goodies like the Media Center interface and Movie Maker and DVD Maker creation
software.

Three business-oriented versions of Vista are set to roll -- Business, Enterprise and Ultimate. Windows Vista Business offers domain support, file- and folder-level encryption and Tablet PC capability. Moving up to Enterprise adds features like ShadowCopy file versioning, image-based backup and recovery and BitLocker Drive Encryption. Included also is Virtual PC Express, a single-instance virtual PC under Vista,

Longhorn Server: Worth the Wait The next Windows server impresses.
By Don Jones

If you've been struggling to figure out what sort of value Vista might bring to your organization beyond security improvements, rest assured of two things -- you're not alone and Windows Server (aka "Longhorn") will be a welcome relief. Longhorn will provide a more comprehensive and obvious set of advantages. Longhorn Beta 2 is not feature complete, but I was pleasantly surprised at how far along the operating system seems at this stage.

Microsoft has built Longhorn to be almost completely modularized. This type of architecture lets you install only the components you need. In fact, Longhorn is barely functional as a server right out of the box. It only has a few core elements installed and operational. The thinking there is that it presents an extremely small attack surface.

From there, you can customize your server by adding whichever components you need, but give this serious consideration. Remember, functionality equals moving parts. That equals potential vulnerabilities. By restricting the functionality on your servers to the lowest possible level, it will be easier to keep them secure.

A comprehensive new Server Manager console will help you manage these modular components. In a way, this wraps up and extends the "Manage Your Server" application from Windows Server 2003. By the way, whenever you install new components, Longhorn automatically checks for updates to ensure that your server remains completely up-to-date.

Speaking of less functionality, Longhorn offers a new installation option called Server Core. This is essentially a stripped-down, 500MB version of the operating system. Server Core provides a minimal, command-line only administrative interface (that's right -- no GUI, although you can manage it remotely with all the familiar GUI-based tools). It can also act as a file server, domain controller, DHCP server and DNS server. It's the perfect, super-stable, small-footprint infrastructure server.

Tightened Security Microsoft essentially rewrote Longhorn's TCP/IP stack from the ground
up to make better use of IPv6 and vastly improve performance for IPv6 and IPv4
traffic. Built-in Quality of Service (QoS) capabilities help Longhorn work better
on modern networks.

There is also built-in network protection -- and not just for remote connections. You can require that all clients logging onto the network meet set standards for patch levels (provided they have the appropriate Client Health software), antivirus software and so on before allowing access. You can also restrict noncompliant clients to a subset of the network, so they can install any missing patches or software.

With its infamous security woes, Microsoft can't even automatically trust Windows' own files anymore. A new OS File Protection layer will check each system file against an encrypted list of checksums. Any file that doesn't match its checksum -- meaning the file has somehow been modified, possibly by a virus or other malware -- is automatically replaced from the installation media.

LocalSystem, Local Service and Network Service also get a bunch of new friends that will help services run under more precisely permissioned accounts. Microsoft has determined which permissions every built-in service requires in order to run. It then created built-in service accounts with exactly those permissions -- no more, no less -- so every service gets just what it needs. This is a welcome change and finally sets up services to better conform to the Principle of Least Privilege that Microsoft has been preaching for years.

Upgraded Functionality New support options for transaction-based operations will let developers
automate file and registry operations. In other words, an entire series of registry
and/or file operations can be bundled into a single "transaction." Longhorn will
ensure that either all of them happen -- or none of them happen. This will help
make software installation more reliable and easier to recover from in the event
of a problem.

Terminal Services gets another round of welcome improvements as well. First up is RDP over HTTP -- the ability to access Terminal Services using HTTP traffic. This passes more easily over public networks than RDP itself.

Remote Programs will also be widely appreciated. Users can "install" applications on a Terminal Services box. They get a normal application icon in their Start menu that opens a Terminal Services window containing only that application when you click it. This is similar to functionality Citrix has been providing for years in its Metaframe product.

Finally, say goodbye to Virtual Server 2005. Longhorn provides an upgrade path to its built-in virtualization capabilities. Longhorn essentially comes with Virtual Server-esque features. These are closely tied to hardware virtualization technology built into the newer Intel and AMD processors. A new member of the System Center family will serve up single-seat, enterprise-wide administration for your virtual infrastructure.

That's Not All Folks Longhorn has plenty more tricks up its sleeve -- Bitlocker system volume
protection, SMB 2.0, class-based device driver installation control, consolidated
and easier IPSec configuration, the ability to delegate IIS permissions and more.
It's shaping up to be the most significant evolution of Windows since Windows
2000. We'll have to be patient a bit longer until it arrives, but there's plenty
to look forward to.